Application Security Lead
Remote, United States
Accurate Background
Service and technology for better employment background checks. Accurate offers optimized screening programs to fit your company's needs.
The main purpose of the Application Security Manager at Accurate Background is to be the subject matter expert on application security testing, providing security oversight, best practices, and helping integrate security into Accurate’s system development lifecycle. This role reports to the Director of Global Security.
Responsibilities
- Manage and provide leadership to a team of security engineers, including hiring, training and performance management.
- Collaborate with Development & DevOps engineers to evaluate and operationalize security tools integrated in development environments.
- Collaborate with product managers, scrum masters, and application development to identify and inject security requirements into Acceptance Criteria of epics/stories.
- Provide subject matter expertise on secure coding practice relating to SDLC, and assist in building and rolling out related guidelines and standards. Conduct code scanning, including Static Application Security Testing (SAST), Software Composition Analysis (SCA), Software Composition Scanning (SCS), Infrastructure as Code (IaC), Dynamic Application Security Testing (DAST) and perform manual source code reviews for high-risk components.
- Research and monitor emerging threats and vulnerabilities, understand current industry and technology trends and opportunities, and assess their impact to applications and the business. Drive Risk Management and Security Compliance within the AppSec environment.
- Participate in a review board to address false positives and provide application security governance.
- Create documentation for application security metrics, policies, procedures, standards, guidelines and training.
Qualifications
- High level of expertise in Application development and security acquired through educational qualifications in computer science, Cyber Security or related field and a minimum of 4 years of relevant experience.
- A proven track record in providing expertise and guidance in developing cloud hosted applications with a focus on security, using C#, Java, Python, .NET, MongoDB, SQL Server, Oracle, etc.
- Strong understanding of various computing systems including Cloud architecture (AWS/Azure/GCP)
- Detailed knowledge of operating security tools such as SAST, SCA and DAST, and of supporting teams to use them in the most effective ways.
- Strong working knowledge of various information technologies including user authentication, authorization patterns and components, including knowledge of MFA mechanisms and configuration. Good awareness of industry best practices.
- Data analysis, metrics development and reporting
- Experience with working in a highly outsourced environment (both infrastructure outsourcing and security operations outsourcing)
Preferred Qualifications
- CISSP, ISO 27001, CASE or relevant certifications
- CISSP, CASE or relevant certifications
- Experience with working in a highly outsourced environment (both infrastructure outsourcing and security operations outsourcing)
- Demonstrated ability to take initiative and accountability for achieving results.
- Effective communication skills with technical and non-technical staff